howto:nix_hosts
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
howto:nix_hosts [2023/06/03 22:07] – tcmal | howto:nix_hosts [2023/07/29 11:14] (current) – removed tcmal | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Working on NixOS hosts / Core services ====== | ||
- | Our 'core services' | ||
- | |||
- | A lot of this is specific to Tardis core services nix, and is mostly geared towards people needing to make superficial changes, that probably haven' | ||
- | |||
- | ===== ' | ||
- | |||
- | Our core services is setup to deploy whatever' | ||
- | |||
- | With that said, you should still use a syntax checker / linter. You can download [[https:// | ||
- | |||
- | [[https:// | ||
- | |||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | |||
- | **You won't be able to merge directly into main**, for hopefully obvious reasons. Make a branch and an MR, then ask someone else to approve it. | ||
- | |||
- | ===== Prolonged work ===== | ||
- | |||
- | If you're doing a lot of work and want to deploy and redeploy without pushing to CI, you'll need to do some local setup. Fortunately - you don't need a lot of disk space (all of our hosts take up about 11G). We can do all the actual building remotely, and only do some local config to make Nix forward things properly. | ||
- | |||
- | ==== Installing Nix ==== | ||
- | |||
- | |||
- | You'll need something running *nix - either a VM or WSL. MacOS (Darwin) should work, but we haven' | ||
- | |||
- | We recommend the [[https:// | ||
- | |||
- | < | ||
- | curl --proto ' | ||
- | </ | ||
- | |||
- | It gives you basically the same setup as [[https:// | ||
- | |||
- | If you do use the official Nix installer, add '' | ||
- | |||
- | ==== Extra Setup ==== | ||
- | |||
- | Remote building works like this: | ||
- | |||
- | - Upload your sources to our build server | ||
- | - Have it build it | ||
- | - When you deploy, everything gets downloaded from the build server | ||
- | |||
- | For packages we're not building (most packages that we haven' | ||
- | To fix this, add '' | ||
- | |||
- | Lastly, we need //root// to have passwordless ssh to '' | ||
- | |||
- | < | ||
- | Host tardis | ||
- | User USERNAME | ||
- | IdentityFile / | ||
- | HostName tardisproject.uk | ||
- | |||
- | Host nixbuild.internal.tardisproject.uk | ||
- | User root | ||
- | HostName nixbuild.internal.tardisproject.uk | ||
- | ProxyJump tardis | ||
- | IdentityFile / | ||
- | </ | ||
- | |||
- | [[hosts: | ||
- | |||
- | Finally, for deployment, you'll need to be able to ssh (from your user) into '' | ||
- | |||
- | If you've gotten this far, test everything with these commands: | ||
- | |||
- | < | ||
- | # Test using the remote build server | ||
- | nix store ping --store ssh:// | ||
- | # Test passwordless SSH to root@ wherever youre deploying | ||
- | ssh web.tardisproject.uk | ||
- | </ | ||
- | |||
- | ==== Doing the thing ==== | ||
- | |||
- | Now that you're all setup, you can use the 3 scripts in our repo for most tasks: | ||
- | |||
- | * '' | ||
- | * '' | ||
- | * '' | ||
- | |||
- | And some routine Nix tasks: | ||
- | |||
- | - '' | ||
- | - '' |
howto/nix_hosts.1685830028.txt.gz · Last modified: 2023/06/03 22:07 by tcmal